Snowflake Data Compliance: Enhancing Native Features With A Unified Control Plane For Data
Share this article
Snowflake’s data compliance framework is designed to protect data integrity, security, and governance across all its data storage and processing operations.
See How Atlan Simplifies Data Governance – Start Product Tour
To ensure compliance with industry-standard regulations, Snowflake undergoes rigorous external audits that assess its system architecture and implementation. As a result, Snowflake has been awarded several global and industry-specific certifications like SOC Type II, FedRAMP, and HITRUST CSF.
Additionally, Snowflake’s data governance features help enterprises comply with major data protection laws and regulations across industries and geographies, such as GDPR, CCPA, etc.
This article covers Snowflake’s key data compliance features and how a unified control plane for data governance, like Atlan, can further enhance compliance capabilities.
Table of contents #
- Snowflake data compliance: Native features
- Snowflake data compliance with Atlan
- Summing up
- Snowflake data compliance: Related reads
Snowflake data compliance: Native features #
In addition to the compliance certifications, Snowflake provides native features that support data privacy and protection.
Compliance with regulations, such as the GDPR, often involves shared responsibility for data storage, movement, and processing. For instance, Snowflake’s data security features, such as Continuous Data Protection, time travel, cloning, dynamic data masking, and row access policies support compliance with GDPR and other data protection requirements.
Let’s see how.
GDPR compliance with Snowflake #
Several Snowflake features address GDPR compliance requirements:
- Right to erasure (right to be forgotten): Using data lineage, object dependencies, and access history, you can identify and delete a person’s data upon request.
- Transparent information, communication and modalities for the exercise of the rights of the data subject: Snowflake’s internal notification system automates data workflows and communicates the updates about what’s happening with the data. You can also integrate this with external cloud platform notification services like Amazon SNS, Azure Event Grid, and Google Pub/Sub.
- Right to restriction of processing: Using data classification, row access policies, and dynamic data masking in Snowflake, you can restrict data access and processing, as required.
For example, this masking policy ensures only data stewards can view a customer’s phone number:
CREATE OR REPLACE MASKING POLICY phone_number_mask AS (val string) RETURNS string ->
CASE
WHEN CURRENT_ROLE() IN ('DATA_STEWARD') THEN val
ELSE '********'
END;
You can do something similar with row access policies.
These features extend beyond GDPR, supporting other regulatory frameworks like CCPA, IRAP, etc.
Auditing and monitoring with Snowflake #
External audits require you to open up your systems for inspection. When that happens, your system’s security, integrity, and governance-related specifications will be tested.
Here are some compliance-ready features that can help you prove that you have a safe and secure platform for data storage, movement, and processing:
- Network rules and security restrictions on data at rest and in transit: Snowflake lets you create network rules, apply network policies, and communicate via private endpoints to cloud-based object stores for internal stages.
- Detailed logs of how and when any data was processed and which data platform components were involved: For this, Snowflake provides the
query_historyview in theACCOUNT_USAGEschema, which captures the exact query that was run to process your data. - Audit trail of who logged in, what action they performed, and what data they accessed: Snowflake also provides the
access_historyview in theACCOUNT_USAGEschema, which breaks down exactly which objects were accessed and modified, and which policies were referenced.
With these features, Snowflake provides a solid foundation for meeting your data compliance requirements. However, comprehensive compliance across a multi-tool data ecosystem often requires a broader scope – essentially, a control plane of data. This is where Atlan comes in.
Let’s see how an Altan + Snowflake setup can help you meet your organization’s compliance requirements.
Snowflake data compliance with Atlan #
Much like Snowflake, Atlan’s architecture is also based on a security-first approach that helps you achieve data integrity and security requirements.
Atlan works seamlessly with Snowflake and other tools in your stack, providing a unified view of data assets and applying consistent compliance standards across your data ecosystem.
Atlan’s compliance features include (but aren’t limited to):
- Automatic PII tag propagation and tag-based access policies enablement
- Column-level access controls that work with Snowflake’s RBAC model
- Data access policies through column-level data lineage (captured natively) and also from Snowflake
- Detailed activity logs across all connected systems
- Automated security and compliance reporting for regulatory bodies like GDPR, CCPA, and PCI DSS
- A transparency center with a top-down view of policy coverage across your data ecosystem
- Real-time alerts to notify your teams of any metadata changes (including schema changes), asset creation, and deletion
For transparency, Atlan has a frequently-updated page that captures the latest statuses of all compliance standards and assessments. The FAQs concerning compliance are also useful for anyone looking to connect Snowflake and Atlan, especially for ensuring smooth operations while enabling compliance.
How Tide achieved GDPR compliance with Snowflake and Atlan #
Tide is a business banking & finance company that serves over 10% of all SMEs in the UK. It used Snowflake and Atlan to meet GDPR standards, reducing 50 days of manual work to just 5 hours.
Snowflake provided object tagging, while Atlan enabled column masking and automatic data tagging via Playbooks, ensuring GDPR compliance efficiently and securely.
Summing up #
Snowflake’s native features and certifications provide a solid foundation for data compliance. By adding Atlan as a control plane, enterprises gain a unified, ecosystem-wide view of compliance. This approach enables faster, automated data management processes and strengthens compliance across all data assets.
Snowflake data compliance: Related reads #
- Data Governance and Compliance: An Act of Checks and Balances
- Data Compliance Management: Concept, Components, Steps (2024)
- Snowflake Data Cloud Summit 2024: Get Ready and Fit for AI
- How to Set Up a Data Catalog for Snowflake: A Step-by-Step Guide
- How to Set Up Snowflake Data Lineage: Step-by-Step Guide
- How to Set Up Data Governance for Snowflake: A Step-by-Step Guide
- Snowflake Metadata Management: Importance, Challenges, and Identifying The Right Platform
- Snowflake Data Governance: Native Features, Atlan Integration, and Best Practices
- Snowflake Data Dictionary: Documentation for Your Database
- Snowflake Data Security: A Complete Guide for 2024
- Snowflake Data Access Control Made Easy and Scalable
- Glossary for Snowflake: Shared Understanding Across Teams
- Snowflake Data Catalog: Importance, Benefits, Native Capabilities & Evaluation Guide
- Snowflake Data Mesh: Step-by-Step Setup Guide
- Managing Metadata in Snowflake: A Comprehensive Guide
- How to Query Information Schema on Snowflake? Examples, Best Practices, and Tools
Share this article